Position Summary:Grayscale Investments is seeking a Senior AI Security Architect to partner with our AI Enablement squad and broader engineering organization to ensure the safe, controlled adoption of AI across the firm.
You will be responsible for designing and implementing security controls, guardrails, and governance mechanisms for AI-enabled systems, including LLM-based applications, agentic workflows, and AI-assisted development practices. This role is a key part of ensuring that AI evolves from experimentation into a secure, auditable, and scalable capability.
You will work closely with engineering, data, product, and compliance teams to define secure architecture patterns, protect sensitive data, and ensure AI-driven processes remain explainable, reproducible, and aligned with regulatory expectations. This role reports into the Security organization and partners heavily with the Head of AI and engineering leadership.
Responsibilities:- Partner with engineering teams to design secure AI-enabled systems and define the security requirements, controls, and guardrails necessary for production deployment.
- Develop and maintain AI security standards, reference architectures, and approved design patterns for AI-enabled applications, platforms, and workflows.
- Lead threat modeling, architecture reviews, and security assessments for AI use cases, identifying risks such as prompt injection, data leakage, model misuse, and unintended agent behavior.
- Define and implement controls to protect sensitive data, including access controls, data segregation, lifecycle management, logging, monitoring, and auditability requirements.
- Establish security requirements for enterprise AI platforms, including model access, tool permissions, integration patterns, and third-party AI provider usage.
- Define validation, monitoring, detection, and incident response requirements for AI-enabled systems and partner with engineering and security operations teams to ensure effective implementation.
- Establish secure patterns for the use of AI throughout the software development lifecycle, including code generation, developer tooling, and AI-assisted engineering workflows.
- Assess and manage technical and operational risks associated with AI systems and third-party providers, including exception management, risk acceptance, and regulatory alignment.
- Partner with compliance, audit, and business stakeholders to ensure AI-enabled processes meet regulatory, control, and governance requirements.
- Stay current on emerging AI security risks, technologies, frameworks, and best practices, helping shape Grayscale's long-term AI security strategy.
Qualifications:
- 7+ years of experience in cybersecurity, security engineering, application security, or security architecture.
- Experience designing and implementing security controls in cloud-native environments, preferably AWS.
- Strong understanding of security fundamentals including identity and access management, data protection, network security, monitoring, and incident response.
- Experience developing security standards, architecture patterns, and engineering guardrails for enterprise technology environments.
- Experience conducting threat modeling, architecture reviews, and security assessments for complex applications and platforms.
- Familiarity with AI/ML systems, including LLMs, agentic workflows, and AI-enabled application architectures.
- Strong programming and scripting capabilities (e.g., Python, Terraform, Infrastructure-as-Code) with the ability to review, analyze, and validate technical implementations.
- Strong understanding of modern software development practices including CI/CD, APIs, cloud-native architectures, and secure software development lifecycle (SSDLC) principles.
- Experience operating in regulated environments with strong control, audit, and compliance requirements, preferably within financial services.
- Strong communication skills with the ability to influence engineering teams and translate complex security risks into practical technical solutions.
